Overview

File poppler-CVE-2022-27337.patch of Package poppler.36856

Index: poppler-22.01.0/poppler/Hints.cc
===================================================================
--- poppler-22.01.0.orig/poppler/Hints.cc
+++ poppler-22.01.0/poppler/Hints.cc
@@ -184,21 +184,31 @@ void Hints::readTables(BaseStream *str,
     char *p = &buf[0];
 
     if (hintsOffset && hintsLength) {
-        Stream *s = str->makeSubStream(hintsOffset, false, hintsLength, Object(objNull));
+        std::unique_ptr<Stream> s(str->makeSubStream(hintsOffset, false, hintsLength, Object(objNull)));
         s->reset();
         for (unsigned int i = 0; i < hintsLength; i++) {
-            *p++ = s->getChar();
+            const int c = s->getChar();
+            if (unlikely(c == EOF)) {
+                error(errSyntaxWarning, -1, "Found EOF while reading hints");
+                ok = false;
+                return;
+            }
+            *p++ = c;
         }
-        delete s;
     }
 
     if (hintsOffset2 && hintsLength2) {
-        Stream *s = str->makeSubStream(hintsOffset2, false, hintsLength2, Object(objNull));
+        std::unique_ptr<Stream> s(str->makeSubStream(hintsOffset2, false, hintsLength2, Object(objNull)));
         s->reset();
         for (unsigned int i = 0; i < hintsLength2; i++) {
-            *p++ = s->getChar();
+            const int c = s->getChar();
+            if (unlikely(c == EOF)) {
+                error(errSyntaxWarning, -1, "Found EOF while reading hints2");
+                ok = false;
+                return;
+            }
+            *p++ = c;
         }
-        delete s;
     }
 
     MemStream *memStream = new MemStream(&buf[0], 0, bufLength, Object(objNull));
openSUSE Build Service is sponsored by
Places